<?php
	header("Content-Type:text/html;charset=gb2312");
	date_default_timezone_set('Asia/Shanghai'); 
	include_once("DBConnect.php");
	$con=DB::getDBConnect();
	
	$Bid=$_GET["Bid"];
	$SerialNumber=$_GET["SerialNumber"];
	$Bidder=$_GET["Bidder"];
	$BidTime=date("H:i:s");
	$BidDate=date("Y-m-d");
	
	if ($con){
		$result=mysql_query("SELECT * FROM auctioninfor WHERE SerialNumber='$SerialNumber' ");
		$rows=mysql_fetch_array($result);
		
		$sql_max="SELECT Bid FROM bidreccord WHERE SerialNumber = '$SerialNumber' ORDER BY  bid DESC";
		$max = mysql_query($sql_max);
		$Bid_max=mysql_fetch_array($max);
		if(($Bid<$Bid_max['Bid'])||($Bid<$rows['ReservePrice'])){
			echo "wrong";
		}
		else{
			mysql_query("INSERT INTO bidreccord (SerialNumber,Bid,Bidder,BidDate,BidTime) 
						VALUES 		
						('$SerialNumber','$Bid','$Bidder','$BidDate','$BidTime')");
			//echo 	$Bid."/".$SerialNumber."/".$Bidder."/".$BidTime."/".$BidDate;
			//mysql_close($con);
		}
	}
?>